Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases, may lead to a Denial of Service (DoS) on the system.
Refer to the '
Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Refer to the '
Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Project Subscriptions
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://www.asus.com/security-advisory/ |
|
History
Wed, 15 Jul 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases, may lead to a Denial of Service (DoS) on the system. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information. | |
| First Time appeared |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| Weaknesses | CWE-226 CWE-770 |
|
| CPEs | cpe:2.3:a:asus:business_manager:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface_v3:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: ASUS
Published:
Updated: 2026-07-15T02:01:10.343Z
Reserved: 2026-06-29T00:35:42.676Z
Link: CVE-2026-13585
No data.
No data.
No data.
OpenCVE Enrichment
No data.